Logi z DSS
- Kod: Zaznacz wszystko
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: Polish
CPU 0: AMD Athlon(TM) XP 2200+
Percentage of Memory in Use: 49%
Physical Memory (total/avail): 767.53 MiB / 387.6 MiB
Pagefile Memory (total/avail): 1878.1 MiB / 1624.96 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1919.63 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 29.29 GiB total, 18.18 GiB free.
D: is Fixed (NTFS) - 45.23 GiB total, 29.94 GiB free.
E: is CDROM (No Media)
F: is CDROM (CDFS)
G: is Fixed (NTFS) - 18.62 GiB total, 4.72 GiB free.
\\.\PHYSICALDRIVE0 - WDC WD800BB-00CAA1 - 74.53 GiB - 2 partitions
\PARTITION0 (bootable) - Instalowalny system plików - 29.29 GiB - C:
\PARTITION1 - Rozszerzona z rozszerzonym przerwaniem 13 - 45.23 GiB - D:
\\.\PHYSICALDRIVE1 - HITACHI_ DK23DA-20 USB Device - 18.63 GiB - 1 partition
\PARTITION0 - Instalowalny system plików - 18.62 GiB - G:
-- Security Center -------------------------------------------------------------
AUOptions is disabled.
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\xxx\Dane aplikacji
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=ZZZ-8A68FBE51BB
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\xxx
LOGONSERVER=\\ZZZ-8A68FBE51BB
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\PC Connectivity Solution\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0801
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\xxx\USTAWI~1\Temp
TMP=C:\DOCUME~1\xxx\USTAWI~1\Temp
USERDOMAIN=ZZZ-8A68FBE51BB
USERNAME=xxx
USERPROFILE=C:\Documents and Settings\xxx
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
xxx [I](admin)[/I]
LEWBEATA [I](admin)[/I]
-- Add/Remove Programs ---------------------------------------------------------
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
50 FREE MP3s +1 Free Audiobook! --> "C:\Program Files\Winamp\eMusic\Uninst-eMusic-promotion.exe"
802.11g Wireless Network Adapter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9166DD9E-FF78-4B06-8DE6-3071C3DC0687}\setup.exe" -l0x9
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.0 - Polish --> MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A81000000003}
Adobe Shockwave Player 11 --> C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
ALLPlayer V3.X --> "C:\Program Files\MarBit\ALLPlayer\unins000.exe"
AML Free Registry Cleaner 4.0 --> "C:\Program Files\AML Products\Registry Cleaner\unins000.exe"
Ashampoo Burning Studio 2008 --> "C:\Program Files\Ashampoo\Ashampoo Burning Studio 2008\unins000.exe"
Atlas świata --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AF085552-7B64-4D40-9212-D98ECF15D838}\setup.exe" -l0x15
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
Conflict Desert Storm II --> D:\CONFLI~1\CONFLI~1\UNWISE.EXE D:\CONFLI~1\CONFLI~1\INSTALL.LOG
Conflict Desert Storm PL --> D:\PROGRA~1\CONFLI~2\UNWISE.EXE D:\PROGRA~1\CONFLI~2\INSTALL.LOG
Counter-Strike 1.6 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}\Setup.exe" -l0x19
DX-Ball 1.09 --> C:\PROGRA~1\DX-Ball\UNWISE.EXE C:\PROGRA~1\DX-Ball\INSTALL.LOG
DX-Ball 2 v1.2 --> C:\PROGRA~1\DXBall2\UNWISE.EXE C:\PROGRA~1\DXBall2\INSTALL.LOG
Dysk wspomnieniowy HP --> MsiExec.exe /X{B376402D-58EA-45EA-BD50-DD924EB67A70}
ESET Smart Security --> MsiExec.exe /I{E8046F6F-E286-4989-BEB3-175307C95148}
FlashGet ads support --> RunDll32 C:\WINDOWS\system32\cd_clint.dll,ServiceRunDll u_277
FlatOut --> MsiExec.exe /I{A57D86AF-DE8E-4B26-972E-A1A28FFF7742}
Football Generation --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{74299A64-3EB6-4260-AAFB-8DC62A70E85E}\Setup.exe" -l0x9
Gadu-Gadu 7.7 --> D:\gg\Gadu-Gadu\Setup.exe
GameDesire-Pool & Snooker --> C:\Program Files\Ganymede\billiards_uninstall.exe
GameSpy Arcade --> C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
Gimnazjum_testy_2008 1.0 --> D:\Program Files\Gimnazjum_testy_2008\uninst.exe
Gothic --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{758A4269-70E5-4B11-B419-F692882408A9}\setup.exe" -l0x15
Gothic II --> D:\PROGRA~1\GOTHIC~1\UNWISE.EXE D:\PROGRA~1\GOTHIC~1\INSTALL.LOG
Heroes of Might and Magic® III --> C:\WINDOWS\IsUn0415.exe -fd:\heroes3\Uninst.isu -c"d:\heroes3\uninst.dll
hp deskjet 5100 --> msiexec /x{FEDA56C4-82F3-46DD-8B50-FC592BBE1C0D}
HP Photo and Imaging 2.0 - Deskjet Series --> MsiExec.exe /I{E0828692-FD9D-459F-9312-C645C3CA6650}
hp print screen utility --> C:\Program Files\Hewlett-Packard\hp print screen utility\UnInstall\prnunins.exe
Image Signature 1.5.1 --> "C:\Program Files\BBProject\Image Signature\unins000.exe"
IrfanView (remove only) --> C:\Program Files\IrfanView\iv_uninstall.exe
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Kalendarz XP v29.85 --> C:\Program Files\Kalendarz XP\uninstall.exe
Kozacy - Europejskie boje --> C:\WINDOWS\uncsetup.exe
Lara Croft Tomb Raider: The Angel Of Darkness --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{93656878-FF8B-4935-99BB-F3F260037C57}
Microsoft Office Access MUI (Polish) 2007 --> MsiExec.exe /X{90120000-0015-0415-0000-0000000FF1CE}
Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Polish) 2007 --> MsiExec.exe /X{90120000-0016-0415-0000-0000000FF1CE}
Microsoft Office Groove MUI (Polish) 2007 --> MsiExec.exe /X{90120000-00BA-0415-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Polish) 2007 --> MsiExec.exe /X{90120000-0044-0415-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Polish) 2007 --> MsiExec.exe /X{90120000-00A1-0415-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Polish) 2007 --> MsiExec.exe /X{90120000-001A-0415-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Polish) 2007 --> MsiExec.exe /X{90120000-0018-0415-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007 --> MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Polish) 2007 --> MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE}
Microsoft Office Proofing (Polish) 2007 --> MsiExec.exe /X{90120000-002C-0415-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Polish) 2007 --> MsiExec.exe /X{90120000-0019-0415-0000-0000000FF1CE}
Microsoft Office Shared MUI (Polish) 2007 --> MsiExec.exe /X{90120000-006E-0415-0000-0000000FF1CE}
Microsoft Office Word MUI (Polish) 2007 --> MsiExec.exe /X{90120000-001B-0415-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mozilla Firefox (2.0.0.16) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Multimedialny słownik angielsko-polski --> C:\Program Files\Leksykonia\Rzeczpospolita\TL6\bin\deinstal.exe
NOD32 v3.x FiX 1.1 by TemDono (Free Updates - Expire in 2050) --> "C:\Program Files\ESET\ESET Smart Security\unins000.exe"
Nokia Connectivity Cable Driver --> MsiExec.exe /X{0FF1922C-B6C4-40BB-AF30-BEF75A482444}
Nokia PC Suite --> MsiExec.exe /I{D89AC4DF-7A00-4D0B-BA99-D582C7974A09}
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
PC Connectivity Solution --> MsiExec.exe /I{AB2347E4-153B-4194-AA3B-97C0A662B369}
PhotoDream 1.26 --> "C:\Program Files\PhotoDreamr\unins000.exe"
Picasa 2 --> "d:\Picasa2\Uninstall.exe"
Skype™ 3.5 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Stunt GP --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB132F09-DCF1-46EA-AE92-F8B42AB7BAD4}\setup.exe"
Tactical Ops - Wojna z Terrorem --> C:\Program Files\InstallShield Installation Information\{AF051ABD-880B-4B0F-8AA6-C0B7351F7698}\setup.exe -runfromtemp -l0x0015 -removeonly
TeamSpeak 2 RC2 --> "C:\Program Files\Teamspeak2_RC2\unins000.exe"
VDOTool 5.3 --> "C:\Program Files\VDOTool\unins000.exe"
Warlords Battlecry --> C:\WINDOWS\IsUninst.exe -f"d:\program files\Uninst.isu"
Winamp --> "C:\Program Files\Winamp\UninstWA.exe"
Windows Driver Package - Nokia (WUDFRd) WPD (11/03/2006 6.82.26.2) --> C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccswpddri_6B630EE2E66584353C6CD8683D447072872F34D8\pccswpddriver.inf
Windows Driver Package - Nokia Modem (11/03/2006 6.82.0.1) --> C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_4EFFAAE27A08EDFDE145390033D8EF099DA65567\nokbtmdm.inf
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type2616 / Warning
Event Submitted/Written: 07/25/2008 07:40:07 PM
Event ID/Source: 1015 / MsiInstaller
Event Description:
Nie można połączyć się z serwerem. Błąd: 0x800401F0
Event Record #/Type2602 / Error
Event Submitted/Written: 07/21/2008 02:18:23 PM
Event ID/Source: 1000 / Application Error
Event Description:
Aplikacja powodująca błąd iexplore.exe, wersja 6.0.2900.2180, moduł powodujący błąd mshtml.dll, wersja 6.0.2900.2180, adres błędu 0x001f57fa.
Przetwarzanie zdarzenia określonego nośnika dla [iexplore.exe!ws!]
Event Record #/Type2601 / Error
Event Submitted/Written: 07/21/2008 02:03:51 PM
Event ID/Source: 1000 / Application Error
Event Description:
Aplikacja powodująca błąd iexplore.exe, wersja 6.0.2900.2180, moduł powodujący błąd mshtml.dll, wersja 6.0.2900.2180, adres błędu 0x001f57fa.
Przetwarzanie zdarzenia określonego nośnika dla [iexplore.exe!ws!]
Event Record #/Type2597 / Error
Event Submitted/Written: 07/21/2008 00:02:42 AM
Event ID/Source: 1000 / Application Error
Event Description:
Aplikacja powodująca błąd iexplore.exe, wersja 6.0.2900.2180, moduł powodujący błąd mshtml.dll, wersja 6.0.2900.2180, adres błędu 0x001f57fa.
Przetwarzanie zdarzenia określonego nośnika dla [iexplore.exe!ws!]
Event Record #/Type2559 / Error
Event Submitted/Written: 06/29/2008 11:52:42 PM
Event ID/Source: 1000 / Application Error
Event Description:
Aplikacja powodująca błąd explorer.exe, wersja 6.0.2900.2180, moduł powodujący błąd msvcr80.dll, wersja 8.0.50727.163, adres błędu 0x000177a9.
Przetwarzanie zdarzenia określonego nośnika dla [explorer.exe!ws!]
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type23591 / Error
Event Submitted/Written: 07/25/2008 07:42:20 PM
Event ID/Source: 7023 / Service Control Manager
Event Description:
Usługa Przeglądarka komputera zakończyła działanie; wystąpił następujący błąd:
%%1460
Event Record #/Type23563 / Error
Event Submitted/Written: 07/25/2008 07:35:30 PM
Event ID/Source: 7023 / Service Control Manager
Event Description:
Usługa Przeglądarka komputera zakończyła działanie; wystąpił następujący błąd:
%%1460
Event Record #/Type23560 / Warning
Event Submitted/Written: 07/25/2008 07:35:30 PM
Event ID/Source: 57 / Ftdisk
Event Description:
Nie można zrzucić danych do dziennika transakcji. Może wystąpić uszkodzenie.
Event Record #/Type23521 / Warning
Event Submitted/Written: 07/25/2008 07:21:46 PM
Event ID/Source: 57 / Ftdisk
Event Description:
Nie można zrzucić danych do dziennika transakcji. Może wystąpić uszkodzenie.
Event Record #/Type23509 / Error
Event Submitted/Written: 07/25/2008 01:24:53 PM
Event ID/Source: 7023 / Service Control Manager
Event Description:
Usługa Przeglądarka komputera zakończyła działanie; wystąpił następujący błąd:
%%1460
-- End of Deckard's System Scanner: finished at 2008-07-25 19:59:51 ------------
- Kod: Zaznacz wszystko
Deckard's System Scanner v20071014.68
Run by xxx on 2008-07-25 19:55:07
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
12: 2008-07-25 17:55:35 UTC - RP212 - Deckard's System Scanner Restore Point
11: 2008-07-25 17:46:43 UTC - RP211 - Usunięto: Nero - Burning Rom
10: 2008-07-25 17:45:33 UTC - RP210 - Zainstalowany program DirectX
9: 2008-07-25 17:40:50 UTC - RP209 - Removed BurnAware Free Edition
8: 2008-07-25 17:39:17 UTC - RP208 - Zainstalowano: Microsoft Visual C++ 2005 Redistributable
-- First Restore Point --
1: 2008-07-20 20:17:27 UTC - RP201 - Punkt kontrolny systemu
Backed up registry hives.
Performed disk cleanup.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-07-25 19:58:09
Platform: Windows XP Dodatek Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\B54GT Wireless Monitor\WLService.exe
C:\Program Files\B54GT Wireless Monitor\WLanCfgG.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\VDOTool\TBPANEL.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\xxx\Pulpit\Security\dss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - (no file)
O2 - BHO: (no name) - {37B85A21-692B-4205-9CAD-2626E4993404} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\BEARSH~1\FlashGet\jccatch.dll (file missing)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O4 - HKLM\..\Run: [Gainward] C:\Program Files\VDOTool\TBPanel.exe /A
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Gadu-Gadu] "D:\gg\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Download All by FlashGet - D:\Bearshare\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - D:\Bearshare\FlashGet\jc_link.htm
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\BEARSH~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\BEARSH~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{EF8B6E16-4D48-4712-B538-5DEB4734237D}: NameServer = 194.204.152.34,194.204.159.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
O23 - Service: 802.11g Wireless Network Adapter (B54GT Wireless Service) - Unknown owner - C:\Program Files\B54GT Wireless Monitor\WLService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O24 - Desktop Component 0: - http://szukaj.torrenty.org/themes/default/images/logo_diab.jpg
--
End of file - 8573 bytes
-- File Associations -----------------------------------------------------------
[COLOR=red].cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*[/COLOR]
[COLOR=red].cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*[/COLOR]
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 prohlp02 (StarForce Protection Helper Driver v2) - c:\windows\system32\drivers\prohlp02.sys <Not Verified; Protection Technology; StarForce Protection System>
R0 prosync1 (StarForce Protection Synchronization Driver v1) - c:\windows\system32\drivers\prosync1.sys <Not Verified; Protection Technology; StarForce Protection System>
R0 sfhlp01 (StarForce Protection Helper Driver) - c:\windows\system32\drivers\sfhlp01.sys <Not Verified; Protection Technology; StarForce Protection System>
R1 AFS2K - c:\windows\system32\drivers\afs2k.sys <Not Verified; Oak Technology Inc.; AFS>
R1 prodrv06 (StarForce Protection Environment Driver v6) - c:\windows\system32\drivers\prodrv06.sys <Not Verified; Protection Technology; StarForce Protection System>
R1 VIAPFD - c:\windows\system32\drivers\viapfd.sys <Not Verified; VIA Technologies. Inc.; VIA PFD driver>
R2 MDC8021X (AEGIS Protocol (IEEE 802.1x) v2.3.0.0) - c:\windows\system32\drivers\mdc8021x.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.3.1>
R3 GTNDIS5 (GTNDIS5 NDIS Protocol Driver) - c:\windows\system32\gtndis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 B54GT Wireless Service (802.11g Wireless Network Adapter) - c:\program files\b54gt wireless monitor\wlservice.exe
R3 ServiceLayer - "c:\program files\pc connectivity solution\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Files created between 2008-06-25 and 2008-07-25 -----------------------------
2008-07-25 19:49:56 0 d-------- C:\Program Files\Ashampoo
2008-07-25 19:46:01 0 d-------- C:\Program Files\IrfanView
2008-07-25 19:41:50 0 d-------- C:\WINDOWS\Logs
2008-07-25 19:41:25 0 d-------- C:\WINDOWS\LastGood
2008-07-25 19:38:51 0 d-------- C:\WINDOWS\system32\Adobe
2008-07-25 19:34:55 352 --ah----- C:\WINDOWS\nod32fixtemdono.reg
2008-07-25 19:32:31 0 d-------- C:\WINDOWS\pss
2008-07-25 19:18:23 0 d-------- C:\WINDOWS\system32\appmgmt
2008-06-28 15:41:08 0 d-------- C:\Program Files\MarBit
-- Find3M Report ---------------------------------------------------------------
2008-07-25 19:50:37 0 d-------- C:\Documents and Settings\xxx\Dane aplikacji\Ashampoo
2008-07-25 19:47:06 0 d-------- C:\Program Files\Ahead
2008-07-25 19:43:15 0 d-------- C:\Program Files\Folderico
2008-07-25 19:34:44 0 d-------- C:\Documents and Settings\xxx\Dane aplikacji\ESET
2008-07-25 19:26:37 0 d-------- C:\Program Files\BearShare
2008-07-25 19:26:05 0 d-------- C:\Program Files\Tibia
2008-07-25 19:24:11 0 d-------- C:\Program Files\Google
2008-07-25 19:22:30 0 d-------- C:\Program Files\Common Files
2008-07-25 16:47:34 0 d-------- C:\Documents and Settings\xxx\Dane aplikacji\uTorrent
2008-07-25 16:28:28 0 d-------- C:\Program Files\Kalendarz XP
2008-07-20 21:39:47 0 d-------- C:\Program Files\Valve
2008-07-20 21:34:41 0 d-------- C:\Program Files\Winamp
2008-07-20 21:28:32 0 d-------- C:\Documents and Settings\xxx\Dane aplikacji\Winamp
2008-07-18 14:41:25 0 d-------- C:\Documents and Settings\xxx\Dane aplikacji\PC Suite
2008-07-18 14:41:19 0 d-------- C:\Documents and Settings\xxx\Dane aplikacji\Nokia
2008-06-29 11:03:39 0 d-------- C:\Program Files\Messenger
2008-06-19 17:05:19 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-29 19:13:32 0 d-------- C:\Program Files\FlashGet
2008-05-26 18:12:53 0 d-------- C:\Program Files\Common Files\Adobe
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gainward"="C:\Program Files\VDOTool\TBPanel.exe" [2007-06-26 15:58]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-07-23 04:34]
"nwiz"="nwiz.exe" [2007-07-23 04:34 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-07-23 04:34]
"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2002-12-17 12:40]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe" [2003-03-26 09:19]
"DeviceDiscovery"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [2002-12-02 21:56]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2006-11-08 14:27]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2008-03-13 16:48]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadu-Gadu"="D:\gg\Gadu-Gadu\gg.exe" [2008-03-20 12:04]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:44]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"PcSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ClearRecentDocsOnExit"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Kalendarz XP.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Kalendarz XP.lnk
backup=C:\WINDOWS\pss\Kalendarz XP.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^xxx^Menu Start^Programy^Autostart^Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk]
path=C:\Documents and Settings\xxx\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk
backup=C:\WINDOWS\pss\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
C:\WINDOWS\system32\\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
d:\Picasa2\PicasaMediaDetector.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
"C:\Program Files\Winamp\winampa.exe"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cb05fc04-db0b-11dc-903d-000e8e00a815}]
AutoRun\command- G:\EXPLORER.EXE
explore\Command- G:\EXPLORER.EXE
open\Command- G:\EXPLORER.EXE
-- End of Deckard's System Scanner: finished at 2008-07-25 19:59:51 ------------